Tag

Endpoint Security

Comprehensive resources on securing laptops, desktops, mobile devices, and other endpoints that connect to your network. Covers endpoint detection and response tools, device hardening, patch management, encryption, and policies that minimize the attack surface across distributed environments.

posts

Keylogger Attack

Keylogger Attack: How Hackers Steal Every Keystroke

In March 2021, security researchers discovered that the Agent Tesla keylogger had become one of the most prevalent malware families in the wild, appearing in phishing campaigns targeting organizations across every sector. This wasn't some exotic zero-day. It was a commodity keylogger attack tool that anyone could buy

Carl B. Johnson Sep 03, 2021 7 min read
Computer Virus Prevention

Computer Virus Prevention: 9 Steps That Actually Work

In May 2021, a single compromised password shut down Colonial Pipeline — the largest fuel pipeline in the United States. Gasoline shortages spread across the Southeast. The company paid a $4.4 million ransom in Bitcoin. The root cause wasn't some exotic zero-day exploit. It was a legacy VPN

Carl B. Johnson Jul 01, 2021 7 min read
Computer Virus Prevention

Computer Virus Prevention: 9 Steps That Actually Work

The Colonial Pipeline ransomware attack this month shut down fuel distribution across the eastern United States. A single compromised password led to one of the most disruptive cyberattacks in American history. If you think knowing how to computer virus prevent strategies is just IT housekeeping, that pipeline — and the gas

Carl B. Johnson May 29, 2021 6 min read
Ransomware

How Ransomware Spreads: 5 Attack Vectors You Must Block

A Single Click Cost One Hospital $67 Million In September 2020, Universal Health Services — one of the largest healthcare providers in the U.S. — got hit by the Ryuk ransomware strain. The attack shut down systems across 400 facilities. Patients were diverted. Records went analog. The final damage? An estimated

Carl B. Johnson Mar 12, 2021 7 min read
Mobile Device Security Policy

Mobile Device Security Policy: What Yours Is Missing

A Single Lost Phone Cost This Company $3.3 Million In 2023, the healthcare provider Yakima Valley Memorial Hospital disclosed a data breach where a security guard used login credentials on a personal mobile device to access the records of over 400 patients. That incident triggered an OCR investigation, reputational

Carl B. Johnson Oct 27, 2020 7 min read
BYOD Security Risks

BYOD Security Risks: What's Really on Your Network

The Personal Phone That Took Down a Hospital Network In 2023, a nurse at a mid-sized hospital plugged a personal phone into a workstation USB port to charge it. That phone was already compromised with malware from a sideloaded app. Within 72 hours, threat actors had lateral movement across the

Carl B. Johnson Oct 27, 2020 7 min read
USB Drive Security Risks

USB Drive Security Risks: Why They Still Bypass Defenses

In January 2022, the FBI issued a public warning that the cybercriminal group FIN7 had been mailing malicious USB drives — disguised as gift cards and COVID-19 guidelines — directly to U.S. companies. The drives contained ransomware. Employees plugged them in. Networks fell. That campaign wasn't some edge case

Carl B. Johnson Oct 10, 2020 6 min read
Types of Malware

Types of Malware: What Actually Hits Networks in 2026

A Single Click Cost One Hospital Chain $100 Million In 2024, Change Healthcare was hit by the ALPHV/BlackCat ransomware group. The attack disrupted insurance claims processing for thousands of healthcare providers across the United States. UnitedHealth Group eventually disclosed costs exceeding $870 million related to the incident. The entry

Carl B. Johnson May 08, 2020 7 min read
Adware vs Spyware

Adware vs Spyware: What Security Teams Must Know

In 2023, a seemingly harmless browser extension called "PDF Toolbox" was downloaded over two million times from the Chrome Web Store before researchers at Palant discovered it was quietly injecting tracking code and redirecting ad revenue — a textbook adware operation that crossed hard into spyware territory. That single

Carl B. Johnson May 08, 2020 7 min read
Trojan Horse Malware

Trojan Horse Malware: How It Gets In and How to Stop It

The Fake Invoice That Cost a Hospital $28 Million In 2024, Ascension Healthcare disclosed a ransomware attack that disrupted operations at 140 hospitals across 19 states. The initial entry point? An employee opened what appeared to be a routine file. It was trojan horse malware — a malicious payload disguised as

Carl B. Johnson May 08, 2020 7 min read